﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace parkour
{
   public partial class _Register : System.Web.UI.Page
   {
      string tm_EmptyString = "<br />";

      /// <Page load>
      /// Load the page
      /// </Page load>
      protected void Page_Load(object sender, EventArgs e)
      {
         ErrorMessage.Text = tm_EmptyString;
         UserID.Focus();
      }

      /// <summary>
      /// Attempts to register the user.
      /// If successful logs the user in and redirects to their home page
      /// </summary>
      protected void RegisterButtonClick(object sender, EventArgs e)
      {
         int rows_affected = 0; // Gets the number of rows changed on the insert

         // Gets the gender_ID for the sql insert
         int gender = 0;
         if (Male.Checked)
            gender = 1;
         else
            gender = 2;

         // Open DB connection
         SqlConnection PK_DB = new SqlConnection(System.Web.Configuration.WebConfigurationManager.ConnectionStrings["SEI_PKConnString"].ConnectionString);
         PK_DB.Open();

         // Load stored procedure and add parameters
         SqlCommand command_CreateUser = new SqlCommand("register_user", PK_DB);
         command_CreateUser.CommandType = CommandType.StoredProcedure;
         command_CreateUser.Parameters.AddWithValue("@user_ID", UserID.Text);
         command_CreateUser.Parameters.AddWithValue("@first_name", FirstName.Text);
         command_CreateUser.Parameters.AddWithValue("@last_name", LastName.Text);
         command_CreateUser.Parameters.AddWithValue("@gender_ID", gender);
         command_CreateUser.Parameters.AddWithValue("@email_address", Email.Text);
         command_CreateUser.Parameters.AddWithValue("@box_number", BoxNumber.Text);
         command_CreateUser.Parameters.AddWithValue("@residency_ID", Residency.SelectedValue);
         command_CreateUser.Parameters.AddWithValue("@classification_ID", Classification.SelectedValue);
         command_CreateUser.Parameters.AddWithValue("@password", Password.Text);

         // Execute SQL statement and dispose
         rows_affected = command_CreateUser.ExecuteNonQuery();
         command_CreateUser.Dispose();

         if (rows_affected == 1)
         {
            Master.user_ID = UserID.Text;
            Master.user_first_name = FirstName.Text;
            Master.user_last_name = LastName.Text;

            // Get user permissions and redirect
            SqlCommand GetPermissions = new SqlCommand("get_permission", PK_DB);
            GetPermissions.CommandType = CommandType.StoredProcedure;
            GetPermissions.Parameters.AddWithValue("@user_ID", Master.user_ID);

            SqlDataReader user_permission = GetPermissions.ExecuteReader();

            if (user_permission.HasRows)
            {
               while (user_permission.Read())
               {
                  Master.permission_level = (int)user_permission["p_ID"];
               }
            }

            user_permission.Close();
            user_permission.Dispose();
            GetPermissions.Dispose();
         }
         else
         {
            //register failed
         }

         // Close DB connection
         PK_DB.Close();
         PK_DB.Dispose();

         Master.logout_visibility = true;

         if (Master.permission_level == 1)
         {
            Response.Redirect("~/Web pages/Admin Pages/AdminIndex.aspx");
         }
         else if (Master.permission_level == 2)
         {
            Response.Redirect("~/Web pages/Security Pages/SecurityIndex.aspx");
         }
         else if (Master.permission_level == 3)
         {
            Response.Redirect("~/Web pages/User Pages/UserIndex.aspx");
         }
         else
         {
            //error
         }
         // Close DB connection
         PK_DB.Close();
         PK_DB.Dispose();
         UserID.Text = Male.Text;
      }
   }
}
